Exame de Qualificação de Doutorado de Pedro Yóssis Silva Barbosa

Título do Trabalho: Privacy by Evidence: A Methodology to Provide Privacy Assurance in IoT Applications

Orientador(es):

Andrey Brito

Hyggo Almeida

Data: 06/03/2017

Horário: 09:00:00

Local: Auditório do LSD

Resumo:

In an increasingly connected world, a diversity of sensors collect data from the environment and its inhabitants. Because of the richness of the information collected, privacy becomes an important requirement. Applications are being developed, and, although there are principles and rules regarding users’ privacy, there is still a lack of methodologies to guide the integration of privacy guidelines into the development process. Unfortunately, existing methodologies like the Privacy by Design (PbD) are still vague and leave many open questions on how to apply them in practice. In this work we propose the concept of Privacy by Evidence (PbE), a methodology to provide privacy assurance in IoT applications. Given the difficulty in providing total privacy in such applications, we propose to document the mitigations in form of evidences of privacy, aiming to increase the confidence of the project. To evaluate the usefulness of the PbE, we conducted three case studies. The first case study is a smart metering application; the second considers a people counting and monitoring application; and the third considers an energy efficiency monitoring system. We concluded that the PbE can be effective in helping developers and companies to understand and address the privacy protection needs when creating IoT applications.